Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Supported Honeycomb FIM Event Types Logged by JSA

The Honeycomb FIM DSM for JSA can collect events from several event categories.

Each event category contains low-level events that describe the action that is taken within the event category. For example, file rename events might have a low-level category of either file rename successful or file rename failed.

The following list defines the event categories that are collected by JSA for Honeycomb file integrity events:

  • Baseline events

  • Open file events

  • Create file events

  • Rename file events

  • Modify file events

  • Delete file events

  • Move file events

  • File attribute change events

  • File ownership change events

JSA can also collect Windows and other log files that are forwarded from Honeycomb Lexicon. However, any event that is not a file integrity event might require special processing by a custom log source type or a log source extension in JSA.